| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <e3a807b1d5f728c178f43b453f3b495bf53abfce.camel@sipsolutions.net>
Date: Fri, 09 Oct 2020 10:44:35 +0200
From: Johannes Berg <johannes@...solutions.net>
To: David Laight <David.Laight@...LAB.COM>,
Greg KH <gregkh@...uxfoundation.org>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"nstange@...e.de" <nstange@...e.de>,
"ap420073@...il.com" <ap420073@...il.com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-wireless@...r.kernel.org" <linux-wireless@...r.kernel.org>,
"rafael@...nel.org" <rafael@...nel.org>
Subject: Re: [CRAZY-RFF] debugfs: track open files and release on remove
On Fri, 2020-10-09 at 08:34 +0000, David Laight wrote:
>
> > I think adding the .owner everywhere would be good, and perhaps we can
> > somehow put a check somewhere like
> >
> > WARN_ON(is_module_address((unsigned long)fops) && !fops->owner);
> >
> > to prevent the issue in the future?
>
> Does it ever make any sense to set .owner to anything other than
> THIS_MODULE?
No. But I believe THIS_MODULE is NULL for built-in code, so we can't
just WARN_ON(!fops->owner).
> If not the code that saves the 'struct file_operations' address
> ought to be able to save the associated module.
No, it's const.
> I was also wondering if this affects normal opens?
> They should hold a reference on the module to stop it being unloaded.
> Does that rely on .owner being set?
Yes.
> For debugfs surely it is possible to determine and save THIS_MODULE
> when he nodes are registers and do a try_module_get() in the open?
I don't really see where to save it?
johannes
Powered by blists - more mailing lists